deco-performance-audit
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection. Ingestion points: Application logs are ingested into the agent context via the
SEARCH_LOGSandGET_LOG_DETAILStools as described inSKILL.mdandtools-reference.md. Boundary markers: There are no explicit delimiters or specific instructions for the agent to disregard potential commands contained within the log data. Capability inventory: The skill includes tools for overall performance metrics, top path analysis, and detailed error logging. Sanitization: No validation or sanitization of the logbodyfield is specified before processing. - [DATA_EXFILTRATION]: According to the tool definitions in
tools-reference.md, theGET_LOG_DETAILStool provides access to auserEmailfield. This allows the processing of Personally Identifiable Information (PII) during the performance audit workflow, which constitutes a data exposure risk.
Audit Metadata